End-of-Day report
Timeframe: Donnerstag 08-10-2020 18:00 - Freitag 09-10-2020 18:00
Handler: Dimitri Robl
Co-Handler: Thomas Pribitzer
News
Phishing kits as far as the eye can see, (Fri, Oct 9th)
If you've never delved too deep into the topic of phishing kits, you might quite reasonably expect that they would be the sort of tools, which are traded almost exclusively on dark web marketplaces. This is however not the case.
https://isc.sans.edu/diary/rss/26660
Firebase: Google Cloud-s Evil Twin - Excerpt
Firebase is the most popular developer tool that security has never heard of. We will bring its numerous flaws to light.
https://www.sans.org/blog/firebase-google-cloud-s-evil-twin-condensed
BSI-Team räumt bei CHES-Challenge alle Preise ab
Vom 14. bis 18. September 2020 veranstaltete die International Association for Cryptologic Research (IACR) die Conference on Cryptographic Hardware and Embedded Systems (CHES). Die CHES ist die weltweit größte und renommierteste hardwarenahe Kryptographietagung.
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2020/CHES-Challenge_091020.html
verbraucherclub.de: Warnung vor unseriösen Werbeschaltungen!
Haben Sie bereits von der Smartwatch -KoreTrak- gehört, die ein Lebensretter für SeniorInnen sein soll? Oder von der LiveWave Antenna, die Ihnen gratis Fernsehen ins Wohnzimmer zaubert? Wenn ja, dann sind Sie wohl auf eine unseriöse Werbeschaltung von verbraucherclub.de gestoßen.
https://www.watchlist-internet.at/news/verbraucherclubde-warnung-vor-unserioesen-werbeschaltungen/
Microsoft Exchange CVE-2020-0688 Revisited -- in zwei Akten
Im April veröffentlichten wir einen Blogpost über Microsoft Exchange Server, die für die bereits im Februar 2020 gepatchte Lücke CVE-2020-0688 anfällig waren.
https://cert.at/de/aktuelles/2020/10/microsoft-exchange-cve-2020-0688-revisited
Vulnerabilities
Apples T2: Wenn der Sicherheitschip zum Keylogger wird
Eigentlich soll Apples T2-Chip für Sicherheit sorgen, ein Forscherteam könnte ihn jedoch in einen Keylogger umwandeln.
https://www.golem.de/news/apples-t2-wenn-der-sicherheitschip-zum-keylogger-wird-2010-151401-rss.html
We Hacked Apple for 3 Months: Here-s What We Found
During our engagement, we found a variety of vulnerabilities in core portions of their infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victims iCloud account, retrieve source code for internal Apple projects, [...]
https://samcurry.net/hacking-apple/
Credit card skimmer targets virtual conference platform
Criminals have gone after an online conference platform to steal credit card data from virtual attendees.
https://blog.malwarebytes.com/malwarebytes-news/2020/10/credit-card-skimmer-targets-virtual-conference-platform/
Security Bulletin: An XPath vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4774)
https://www.ibm.com/blogs/psirt/security-bulletin-an-xpath-vulnerability-may-impact-ibm-cram-social-program-management-cve-2020-4774/
Security Bulletin: IBM Cúram Social Program Management uses MD5 algorithm (CVE-2020-4778)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cram-social-program-management-uses-md5-algorithm-cve-2020-4778/
Security Bulletin: A cross-site scripting (XSS) vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4775)
https://www.ibm.com/blogs/psirt/security-bulletin-a-cross-site-scripting-xss-vulnerability-may-impact-ibm-cram-social-program-management-cve-2020-4775/
Security Bulletin: IBM Kenexa LCMS Premier On Premise - IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lcms-premier-on-premise-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2020-includes-oracle-jul-2020-cpu-plus-one-additional-vulnerability/
Security Bulletin: An improper input validation vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4781)
https://www.ibm.com/blogs/psirt/security-bulletin-an-improper-input-validation-vulnerability-may-impact-ibm-cram-social-program-management-cve-2020-4781/
Security Bulletin: API Connect is vulnerable to denial of service via Kubernetes (CVE-2020-8557, CVE-2020-8559)
https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-is-vulnerable-to-denial-of-service-via-kubernetes-cve-2020-8557-cve-2020-8559/
Security Bulletin: Security vulnerabilities have been fixed in IBM Security Access Manager and IBM Security Verify Access (CVE-2020-4661, CVE-2020-4699, CVE-2020-4660)
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-fixed-in-ibm-security-access-manager-and-ibm-security-verify-access-cve-2020-4661-cve-2020-4699-cve-2020-4660/
Security Bulletin: API Connect is vulnerable to denial of service (CVE-2020-16845)
https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-is-vulnerable-to-denial-of-service-cve-2020-16845/
Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-integration-bus-ibm-app-connect-enterprise-v11/
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11.
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-5/